Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4185129pxj; Tue, 15 Jun 2021 17:45:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxintS7uyr/+7XFOlMGdruaUN/Na3w8+XdwQ8TteDSl/hONJi5Lf/qZk0/BapPBfW6EtRvR X-Received: by 2002:a05:6638:140c:: with SMTP id k12mr1687640jad.126.1623804355014; Tue, 15 Jun 2021 17:45:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623804355; cv=none; d=google.com; s=arc-20160816; b=ZpGJ7BB1NAu6OAjQ3ShhMRn19fuc0EvQofLqHz7t5FBuMzHwPWZTfWsuavwSlcJkG/ /khpw5RSSQmXHzwSyQ0UqD5qIEa0w0FpoUNQybnBZ/PyFGBB67GI+xlSKCVo0r6FP8En UOUhqproJVRMS87qhlHnrWIyMOLbMmSbLrqLgEBqTyWvF5xrkAS2dZ/ybEFJ9Gyj5qgU iXPvzetqo2fsShI+6HF5JqxTu0b3Y1rFp/6jB8+Hx0u1xgN9HTJ1dfCyUMuJa+1UaAQ+ hSNSmzBkfsUCc4ejUd9H2JisxEVOkKe6+THi+gGyiR4jZ3EPzJLccOpHySVQ8QcnyzYK at6A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date :reply-to:dkim-signature; bh=LAtBe1i9QhHKeYZZABwyxEaBkt2ZmCBgZJOCDygERjA=; b=aIRmB1/7kBaaSegFvfSZnFygo/D3WupAsEAJqt6uuPEusLM0eldqf3X0sKpm/OAUdk sYEGWdV794QRGvxMRCKxqwIXsJ/HJjwL10hhIDYgqR0XLA3mlQ3ulm7azSQnX/G438s+ SAxOsxBl1++Sn3mBzrGwQrzXTMKeUDP5OGzZty+6NqFUxLfkRRYOc8Dw0FY0PMisXiXL cF69HL/KDowC0k8OQijxYg6JGueDDGKGmY7KBaj1nmgUA+44mnxQWj9a5jrP7ff1CcrO 3s3wm/TZCmysBHSbd7OHUD19TUOvb9kh5tXFrp81xZe8TvwddVvHkBbWTpdOmcEs1+9e 9LQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=AnLpMAyg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id w2si452067iop.49.2021.06.15.17.45.42; Tue, 15 Jun 2021 17:45:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=AnLpMAyg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230507AbhFPArN (ORCPT + 99 others); Tue, 15 Jun 2021 20:47:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37524 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230265AbhFPArM (ORCPT ); Tue, 15 Jun 2021 20:47:12 -0400 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C97BAC061574 for ; Tue, 15 Jun 2021 17:45:07 -0700 (PDT) Received: by mail-qv1-xf49.google.com with SMTP id ca13-20020ad4560d0000b029023ebd662003so801932qvb.17 for ; Tue, 15 Jun 2021 17:45:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=reply-to:date:message-id:mime-version:subject:from:to:cc; bh=LAtBe1i9QhHKeYZZABwyxEaBkt2ZmCBgZJOCDygERjA=; b=AnLpMAyg4/bsQ5ot7VlrLMCC3Gs/dLXo8gb9XR2t+kZPGucjlqTUQ2MhpMtPKhRz2J GM0zJcrIAIxIHwzmcZu8vBU3V4esevTpms5odDTEvk6a/FO3UqIvpZSj3xqYF7l0mQ4n 9+17IZPmW1eYOT2ooLRrVr7n0aseNkeHHgybMwsQEIYdi0TgpPpOmCaQm1y1qNLXs+x+ IL/EeLsMoBr+WRbtHqlkHyisbtmTA1Ww20hmdNC08vFLlWOFU1fu7T3ShfFqFLuHksB2 BVOJunRyHNmDqMdGz5UXxMITAro7zABjRlWyPUVa0E1lJoNLWI8GEaxs54jCkCOzT3Nl xxvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:date:message-id:mime-version:subject :from:to:cc; bh=LAtBe1i9QhHKeYZZABwyxEaBkt2ZmCBgZJOCDygERjA=; b=I2hf3JdHYmLfeBbtld09fAIrMK7WUSh29l2/nRptkQ49E4fjzARPB8UxYKK+b1jEiU eAu939VXrJhcztVSgZWmgTLmtuUk0KfwVRiJVTOUaoVl43vwnlPb+nuCGMFX7yWuU/hQ ZLsEMtGKET1W9yoBDbFALNF87hqkmmPta/ASaWxGNHhRTEP5BtvtVAeJoHW+oHrnAk27 cNMsY5FgTkriP7mG6o3X2sNUivdnMSQhZN0kn6MGps6vOQML/Lzf02pmsZ99vX9lYFsN Lfa/tJnbuiy9rJDPy3HjJsSjhtABdv7EzZyGGQEY9Aw2RlqwMs2YUJx/UW6GXMx0WVSN y6iw== X-Gm-Message-State: AOAM533Z7pSo6r4JLJ59MlOs4aL9E1+tc1jEZj0eOpxRhoa8bjZITpNE zmse2FSHBy1DamrXKcpFtNONdNMluVI= X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:af9:198d:bf4e:6def]) (user=seanjc job=sendgmr) by 2002:a0c:f684:: with SMTP id p4mr8247882qvn.16.1623804306792; Tue, 15 Jun 2021 17:45:06 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 15 Jun 2021 17:44:58 -0700 Message-Id: <20210616004458.2192889-1-seanjc@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.32.0.272.g935e593368-goog Subject: [PATCH] x86/sgx: Suppress WARN on inability to sanitize EPC if ksgxd is stopped From: Sean Christopherson To: Jarkko Sakkinen , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org Cc: Dave Hansen , "H. Peter Anvin" , linux-sgx@vger.kernel.org, linux-kernel@vger.kernel.org, Du Cheng , Sean Christopherson Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Don't WARN on having unsanitized EPC pages if ksgxd is stopped early, e.g. if sgx_init() realizes there will be no downstream consumers of EPC. If ksgxd is stopped early, EPC pages may be left on the dirty list, but that's ok because ksgxd is only stopped if SGX initialization failed or if the kernel is going down. In either case, the EPC won't be used. This bug was exposed by the addition of KVM support, but has existed and was hittable since the original sanitization code was added. Prior to adding KVM support, if Launch Control was not fully enabled, e.g. when running on older hardware, sgx_init() bailed immediately before spawning ksgxd because X86_FEATURE_SGX was cleared if X86_FEATURE_SGX_LC was unsupported. With KVM support, sgx_drv_init() handles the X86_FEATURE_SGX_LC check manually, so now there's any easy-to-hit case where sgx_init() will spawn ksgxd and _then_ fail to initialize, which results in sgx_init() stopping ksgxd before it finishes sanitizing the EPC. Prior to KVM support, the bug was much harder to hit because it basically required char device registration to fail. Reported-by: Du Cheng Fixes: e7e0545299d8 ("x86/sgx: Initialize metadata for Enclave Page Cache (EPC) sections") Signed-off-by: Sean Christopherson --- Lightly tested due to lack of hardware. I hacked the flow to verify that stopping early will leave work pending, and that rechecking should_stop() suppress the resulting WARN. arch/x86/kernel/cpu/sgx/main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/sgx/main.c b/arch/x86/kernel/cpu/sgx/main.c index ad904747419e..fbad2b9625a5 100644 --- a/arch/x86/kernel/cpu/sgx/main.c +++ b/arch/x86/kernel/cpu/sgx/main.c @@ -425,7 +425,7 @@ static int ksgxd(void *p) __sgx_sanitize_pages(&sgx_dirty_page_list); /* sanity check: */ - WARN_ON(!list_empty(&sgx_dirty_page_list)); + WARN_ON(!list_empty(&sgx_dirty_page_list) && !kthread_should_stop()); while (!kthread_should_stop()) { if (try_to_freeze()) -- 2.32.0.272.g935e593368-goog